Add access control for entering data

src/main/java/org/kickerelo/kickerelo/views/Enter1vs1View.java

@@ -6,10 +6,12 @@ import org.kickerelo.kickerelo.exception.InvalidDataException;
 import org.kickerelo.kickerelo.exception.NoSuchPlayerException;
 import org.kickerelo.kickerelo.exception.PlayerNameNotSetException;
 import org.kickerelo.kickerelo.service.KickerEloService;
+import org.kickerelo.kickerelo.util.AccessControlService;
 
 import com.vaadin.flow.component.button.Button;
 import com.vaadin.flow.component.combobox.ComboBox;
 import com.vaadin.flow.component.html.H2;
+import com.vaadin.flow.component.html.Paragraph;
 import com.vaadin.flow.component.notification.Notification;
 import com.vaadin.flow.component.notification.NotificationVariant;
 import com.vaadin.flow.component.orderedlayout.VerticalLayout;
@@ -19,7 +21,14 @@ import com.vaadin.flow.router.Route;
 @Route("enter1vs1")
 public class Enter1vs1View extends VerticalLayout {
 
-    public Enter1vs1View(KickerEloService eloService) {
+    public Enter1vs1View(KickerEloService eloService, AccessControlService accessControlService) {
+        // Deny access if user isn't part of the Kicker User group
+        if (!accessControlService.userAllowedForRole("Kicker User") && !accessControlService.userAllowedForRole("Kicker Admin")) {
+            add(new Paragraph("Du bist nicht berechtigt, diese Seite zu sehen."));
+            getUI().ifPresent(ui -> ui.navigate(""));
+            return;
+        }
+
         H2 subheading = new H2("1 vs 1 Ergebnis");
 
         ComboBox<Spieler> winnerSelect = new ComboBox<>("Gewinner");

src/main/java/org/kickerelo/kickerelo/views/Enter2vs2View.java

@@ -6,6 +6,7 @@ import org.kickerelo.kickerelo.exception.InvalidDataException;
 import org.kickerelo.kickerelo.exception.NoSuchPlayerException;
 import org.kickerelo.kickerelo.exception.PlayerNameNotSetException;
 import org.kickerelo.kickerelo.service.KickerEloService;
+import org.kickerelo.kickerelo.util.AccessControlService;
 
 import com.vaadin.flow.component.button.Button;
 import com.vaadin.flow.component.combobox.ComboBox;
@@ -18,7 +19,14 @@ import com.vaadin.flow.router.Route;
 
 @Route("enter2vs2")
 public class Enter2vs2View extends VerticalLayout {
-    public Enter2vs2View(KickerEloService eloService) {
+    public Enter2vs2View(KickerEloService eloService, AccessControlService accessControlService) {
+        // Deny access if user isn't part of the Kicker User group
+        if (!accessControlService.userAllowedForRole("Kicker User") && !accessControlService.userAllowedForRole("Kicker Admin")) {
+            add(new H2("Du bist nicht berechtigt, diese Seite zu sehen."));
+            getUI().ifPresent(ui -> ui.navigate(""));
+            return;
+        }
+
         H2 subheading = new H2("2 vs 2 Ergebnis");
 
         ComboBox<Spieler> winnerFrontSelect = new ComboBox<>("Gewinner vorne");

src/main/resources/application-prod.properties

@@ -2,13 +2,19 @@ server.port=${PORT:8080}
 logging.level.org.atmosphere = warn
 spring.mustache.check-template-location = false
 
-spring.datasource.url=${DATABASE_URI}
+# spring.datasource.url=${DATABASE_URI}
-spring.datasource.username=${DATABASE_USER}
+# spring.datasource.username=${DATABASE_USER}
-spring.datasource.password=${DATABASE_PASSWORD}
+# spring.datasource.password=${DATABASE_PASSWORD}
-spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
+# spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
-spring.jpa.hibernate.ddl-auto=validate
+# spring.jpa.hibernate.ddl-auto=validate
-spring.jpa.show-sql=false
+# spring.jpa.show-sql=false
-spring.jpa.open-in-view=false
+# spring.jpa.open-in-view=false
+
+spring.datasource.driver-class-name=org.h2.Driver
+spring.datasource.username=sa
+spring.datasource.password=
+spring.jpa.hibernate.ddl-auto=update
+spring.jpa.show-sql=true
 
 # == OIDC Configuration ==
 spring.security.oauth2.client.registration.oidc.client-id=${OIDC_CLIENT_ID}
@@ -21,4 +27,4 @@ spring.security.oauth2.client.provider.oidc.issuer-uri=${OIDC_ISSUER_URI}
 vaadin.urlMapping=/app/*
 
 # In prod mode, never add the test data to the database
-spring.sql.init.mode=never
+# spring.sql.init.mode=never